Associate Director/Director of Compliance and Data Privacy

Position Overview 

We are seeking a highly motivated and versatile compliance professional to join our growing Legal & Compliance team as the Associate Director/Director of Compliance and Data Privacy. This individual will be responsible for developing, implementing, and enhancing Immunome’s compliance and data privacy programs, with a focus on supporting ethical and compliant business practices across the organization. 
 
Reporting to the Sr. Director of Compliance and Data Privacy, this role will partner closely with stakeholders across all functions—commercial, medical, R&D, clinical operations, IT, and HR—to proactively identify risks, foster a culture of compliance, and ensure adherence to applicable laws and regulations. The position requires strong project management, sound judgment, excellent communication skills, and the ability to thrive in a dynamic, fast-paced biotech environment. 

Responsibilities 

• Develop, implement, and oversee Immunome’s corporate compliance program, including policies, procedures, training, monitoring, and reporting. 

• Establish and manage a robust data privacy program in line with HIPAA, GDPR, CCPA, and other applicable data protection regulations. 

• Partner with internal stakeholders to integrate compliance and data privacy considerations into business operations, research, clinical trials, commercial activities, and vendor relationships. 

• Conduct compliance and privacy training programs to ensure understanding of key requirements, ethical standards, and evolving regulatory obligations. 

• Support processes related to transparency reporting, monitoring, investigations, and corrective action plans. 

• Maintain knowledge of relevant laws, regulations, and industry guidance, including the Anti-Kickback Statute, False Claims Act, Sunshine Act, state reporting requirements, PhRMA Code, and global data privacy regulations. 

• Provide practical, business-focused compliance and privacy advice to senior leadership and cross-functional teams. 

• Lead internal audits and risk assessments to identify gaps and implement mitigation strategies. 

• Collaborate with IT and Security teams to address data governance, cyber security, and vendor management from a privacy perspective. 

Qualifications 

• J.D., required. 

• A minimum of 7+ years of compliance experience in the biopharmaceutical or healthcare industry, with direct involvement in corporate compliance and data privacy programs. 

• Demonstrated experience designing and enhancing compliance programs in a growth-stage or publicly traded biotech company. 

• Ability to travel up to 10–20% of the time. 

Knowledge and Skills 

• Expertise in U.S. healthcare laws and regulations, with knowledge of global data privacy frameworks (HIPAA, GDPR, CCPA, etc.). 

• Proven ability to partner effectively with commercial, medical, clinical, and R&D teams to achieve business goals while mitigating compliance and privacy risks. 

• Exceptional organizational and project management skills, with the ability to manage multiple priorities in a fast-paced environment. 

• Excellent interpersonal, verbal, and written communication skills, including the ability to interact effectively with employees at all levels, including executive leadership. 

• High ethical standards and commitment to handling sensitive and confidential information with integrity.